W1red's Guide to Hacking WPA/WPA2 Enterprise
Hi guys, I thought I'd just share this little guide I wrote up; I think it will give some of you an interesting read. It talks about a few vulnerabilities regarding WPA/WPA2 Enterprise networks and how to go about auditing them. It's my first guide, so don't be too harsh. Please let me know ;)
This guide will use the following scenarios:
1. Certificate authentication is not present
2. Certificate authentication is present but doesn't specify the server
3. Using iPhones to hack WPA Enterprise
The success rate of this hack will come down to the strength of your dictionary, just like regular WPA. This guide, however, does not discuss rainbow tables for cracking the challenge response; perhaps I will write that up if anyone wants.
http://www.mediafire.com/?oyimmzmiumy
Re: W1red's Guide to Hacking WPA/WPA2 Enterprise
I talk about some of these same issues in one of my tutorials:
Tips and Tricks for Using 802.1X in Windows - www.esecurityplanet.com
You might also want to check out a free hosted RADIUS/802.1X service:
Outsourced RADIUS/802.1X Authentication for WPA/WPA2-Enterprise
Re: W1red's Guide to Hacking WPA/WPA2 Enterprise
W1red, great write-up.
Would you be able to point me to more detail on the iPhone section of the howto?
Re: W1red's Guide to Hacking WPA/WPA2 Enterprise
Quote: Originally Posted by w1red
The success rate of this hack will come down to the strength of your dictionary, just like regular WPA. This guide, however, does not discuss rainbow tables for cracking the challenge response; perhaps I will write that up if anyone wants.
http://www.mediafire.com/?oyimmzmiumy
Yes please, because I'm completely lost as to how to use rainbow tables in the cracking of a WPA handshake.
Re: W1red's Guide to Hacking WPA/WPA2 Enterprise
Ermm!! That's a good guide. I think it's better to understand the TX/RX, wireless, algorithm, aircrack-ng, etc. If you understand the flow, it's so helpful to bring down the WPA/WPA2 Enterprise; that is my opinion... happy hunting!!!
Re: W1red's Guide to Hacking WPA/WPA2 Enterprise
Good write-up. I purchased a valid cert a while back but could never get it installed correctly. Could you give me some advice on how to install my cert? (It's a GoDaddy cert.)
Thanks!
Re: W1red's Guide to Hacking WPA/WPA2 Enterprise
My friend's wifi was WEP, so I told him his password and he freaked out. So he changed it to WPA2 Enterprise with keyshift or something like that. He said the interval was above 360 seconds otherwise his iPhone times out.
Is this possible to crack? I can get the number of characters in the password from him, and then bruteforce it. I've got a fairly decent rig with an ATI card.